fluent-bit icon indicating copy to clipboard operation
fluent-bit copied to clipboard

Published 20 hours ago verified publisher icon fluent

Support managed identity for Azure Blob output

Open nilsga opened this issue 4 years ago • 9 comments

In addition to shared key authorization for Azure Blob output, it would be nice to be able to use managed identities in environments that support this, such as Azure Kubernetes Service. Managed identities makes it easier to manage fine grained access, and to avoid having secrets that need to be rotated.

nilsga avatar Nov 27 '20 10:11 nilsga

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar Mar 06 '21 02:03 github-actions[bot]

This issue was closed because it has been stalled for 5 days with no activity.

github-actions[bot] avatar Mar 11 '21 02:03 github-actions[bot]

Although this has been inactive, I think it is still valid.

nilsga avatar Mar 12 '21 08:03 nilsga

Agreed this is still valid and looks like it is required if you are building managed applications that also need to have logging enabled without manually updating credentials when they are expired. Does this require any attention from the Microsoft side to move forward?

david-yu avatar Mar 29 '21 16:03 david-yu

We also have this issue. Is there a possibility that this will be implemented in the future ?

OpzekerIT avatar Jun 30 '21 13:06 OpzekerIT

Also have this issue

michelefa1988 avatar Feb 16 '22 17:02 michelefa1988

+1

jrcast avatar Apr 23 '22 06:04 jrcast

~For anyone looking for a solution, as a workaround, you can use the CSI Blob Driver for Azure. See: https://github.com/kubernetes-sigs/blob-csi-driver~

~You can authenticate the blob driver using an Azure Identity, mount the blob in the FluentBit pod as a PVC, and use the "file" FluentBit output pointed to the corresponding volume path. Note: The CSI driver stores files in the PVC as block blobs.~

EDIT: TLDR; After playing with this idea for a bit, I believe this is not a good solution after all.

fluentBit's file output does not have a way to control how big the files are before rotation. In addition, the CSI Blob driver does not support append blobs or immutable block blobs. So you have to chose between dropping millions of small block blobs or having a large block blob that has to be re-uploaded on every update by fluentBit.

In the end, neither of these 2 options are viable as a workaround.

jrcast avatar Apr 26 '22 08:04 jrcast

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days. Maintainers can add the exempt-stale label.

github-actions[bot] avatar Aug 03 '22 02:08 github-actions[bot]

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days. Maintainers can add the exempt-stale label.

github-actions[bot] avatar Nov 02 '22 02:11 github-actions[bot]

This issue was closed because it has been stalled for 5 days with no activity.

github-actions[bot] avatar Nov 08 '22 02:11 github-actions[bot]

Can we stop making this as stale?

sstarcher avatar Nov 08 '22 14:11 sstarcher

+1, would be good if this was implemented. @edsiper happy to contribute if this would be accepted (would need a bit of guidance!)

HarleyB123 avatar Jan 31 '23 14:01 HarleyB123

Plus from my side, can help with testing.

vladimirglazkov avatar May 23 '23 16:05 vladimirglazkov

+1

dhilipkumars avatar Sep 08 '23 12:09 dhilipkumars

@edsiper @leonardo-albertovich this request seems still relevant. Can we re-open this issue please.

dhilipkumars avatar Sep 08 '23 12:09 dhilipkumars

I would be happy to contribute as well if this would be accepted

prateek1192 avatar Nov 29 '23 21:11 prateek1192